Information Warfare: Another Attack On Internet Central


February11, 2007: On February 6th, there was another major attack on one of the core elements of the Internet, two of the 13 root server computer systems. The attack failed, but it did temporarily show down the two root servers. A successful attack on the root servers would disrupt world wide use of the Internet. The 13 DNS (Domain Name Server) root servers around the world are a key element of the net. There is one master root server that updates the information on the other 12 root servers once or twice a week. These root servers contain the master list of registered domain names and their numerical addresses that all other DNS databases consult. Hacking a root server could, for example, redirect Internet traffic to a false site posing as a bank and, say, collect credit card information. With regard to a cyberwar, if all the root servers were physically destroyed , the Internet could actually continue to function, as the vast majority of domain names don't change. You wouldn't be able to add new Internet addresses until the root servers were reconstructed.

The February 6th attack was a denial of service (DOS) attack, attempting to shut down the root server by flooding it with junk data. Most of the junk was coming from zombie (taken over by hackers) PCs in South Korea. The last time anyone attempted such an attack was in 2002. That one had more impact, by disrupting the functioning of several root servers. Both attacks occurred during the annual meeting of the North American Network Operators' Group, but no one has yet found a connection.

It's unclear what this latest attack was all about. It may have been simply a test of the root server defenses, which have been much improved since the 2002 attacks. Then again, the recent attack may have been a cover for an attempt to hack the root servers, and do some real mischief. The attacked root servers are still being examined to see what, if any, lasting damage was done. Investigators are more concerned with hacks that would assist common criminality, like bank robbery, not international terrorism.




Help Keep Us From Drying Up

We need your help! Our subscription base has slowly been dwindling.

Each month we count on your contributions. You can support us in the following ways:

  1. Make sure you spread the word about us. Two ways to do that are to like us on Facebook and follow us on Twitter.
  2. Subscribe to our daily newsletter. We’ll send the news to your email box, and you don’t have to come to the site unless you want to read columns or see photos.
  3. You can contribute to the health of StrategyPage.
Subscribe   Contribute   Close